Sacha Faust Web Security Blog

The FxCop ASP.NET security rules have finally been released after being used for quite some time...

Date: 12/13/2010

I’ve been tackling the problem of users connecting to online services from untrusted network. At...

Date: 05/11/2010

In a way to limit the risk of Cross-Site Scripting (XSS) attacks, ASP.NET 2.0 introduced a way to...

Date: 04/28/2010

We published a new security whitepaper base on our experience with ASP.NET MVC. The whitepaper is...

Date: 12/08/2009

I’ve been working on code auditing for a project that makes use of the latest ASP.NET MVC api....

Date: 01/07/2009

ASP.NET has had a mitigation to prevent against CSRF/One-Click attacks since 1.1 with the use of...

Date: 09/25/2008

In my previous post, I provided a list of which ASP.NET HTML control property that offers automatic...

Date: 09/18/2008

I've had a lot of people ask me which ASP.NET control offers automatic html encoding and the answer...

Date: 09/02/2008